The Microsoft report found that India recorded the third-highest ransomware encounter rate across the region, which was two times higher than the regional average in 2019.
Here’s everything you need to know about the file-encrypting malware and how it works.
What is Ransomware?
Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim in exchange for restoring access to the data.
Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin.
How does it work?
Ransomware is a multi-staged attack that attackers have packaged in several different ways. One of the most common delivery systems is phishing spam: attachments that come to the victim in an email, masquerading as a file they should trust. Once the attachment is downloaded and opened, the malware can take over the victim’s computer, especially if it has built-in social engineering tools that trick users into allowing administrative access.
Some other, more aggressive forms of ransomware, like NotPetya, exploit security holes to infect computers without needing to trick users.
Here’s how you can prevent Ransomware attacks.
Falling victim to ransomware could put your vital business or personal data at risk of being lost forever. There are several defensive steps you can take to prevent ransomware infection. These steps are, of course, good security practices in general, so following them improves your defences against all sorts of attacks:
Apply software patches to keep the system up to date.
Patching software flaws is a painful, time-consuming and tedious job. It’s also vital to your security. Malware gangs will seize on any software vulnerabilities and attempt to use them as a way into networks before businesses have had time to test and deploy patches.
Do not click on links from users you don’t recognize.
Clicking on links in an email is probably the best-known way of getting infected with malware. Always make sure the links you open are from a legitimate source.
Change default passwords across all access points.
Nearly a third of ransomware was distributed via brute force and remote desktop protocol (RDP) attacks, according to research by F-Secure. Hackers attempt to access servers and other devices by trying as many passwords as possible, usually with the aid of bots, in the hopes of hitting the jackpot.
Train employees to recognise suspicious emails.
One of the classic routes for ransomware to enter your organisation is via email. That’s because spamming out malware to thousands of email addresses is a cheap and easy way for ransomware gangs to try and spread malware. Scan all emails for known malware strains, and keep firewalls and endpoint protections up to date with the latest known malware signatures.
Limit and secure the number of administrator accounts.
Encrypting the data on one PC isn’t going to make attackers rich, so they are likely to gain access to a network and then explore widely to spread their malware as far as possible before pulling the trigger and encrypting everything. Make this harder by segmenting networks, and also by limiting and securing the number of administrator accounts, which have wide-ranging access.